name resolution in windows server 2008 (r2). name resolution overview netbios name resolution host...

DNS & PNRPName Resolution in Windows Server 2008 (R2)

Name Resolution Overview NetBIOS name resolution Host name resolution Peer Name Resolution

Name Resolution Overview NetBIOS name resolution

* Originally a broadcast-based NR protocol in PC-LAN & LM networks on top of NetBEUI* Based on single-label names (non-hierarchical)* Uses lmhosts (static) files, broadcasts and WINS (NBNS) servers in TCP/IP networks

Host name resolution* Original ARPANET (Internet) NR protocol* Based on multi-level names (hierarchical)* Distributed database model* Uses hosts (static) files and DNS Servers

Name Resolution Overview Peer Name Resolution

* Strictly for IPv6 addresses* Distributed and serverless protocol* Real-time updates* Adresses computers, ports and services* Unsecured or secured with PK-cryptography

Protocol stack comparison

P

A

D

N

T

S

P

NetBIOS Interface WinSock Interface

LLCMAC

NetBEUI(NBF)

SMB

SMB, CIFS, HTTP

TCP UDP

IP

medium

ARP, PPP, xDLC802.n

Broadcast NR Traffic Unicast NR Traffic

medium

802.n

Protocol stack comparison

P

A

D

N

T

S

P

NetBIOS InterfaceWinSock Interface

LLCMAC

SMB

SMB, CIFS, HTTP

TCP UDP

IP

medium

ARP, PPP, xDLC802.n

Broadcast NR Traffic Unicast NR Traffic

NBT

NetBIOS over TCP/IP helper

Internet DNS Namespace“ “root

.com.edu

.gov.int

.mil.net

.org

“13” root-servers.net

gTLD’sgeneric Top Level Domains

.yale .ucla.mit

.army.airforce.navySecond LevelDomains

.math.physics

.lawThird LevelDomains

a.root-servers.netb.root-servers.netc.root-servers.netd.root.servers.nete.root-servers.netf.root-servers.netg.root-servers.net

…l.root-servers.netm.root-servers.net


.com.edu

.gov.int

.mil.net

.org



ISO 3166 country codes

.be.de

.jp.fr

.nl.il .ru .tw .tv.nu.au

.gb.gb




.com.edu

.gov.int

.mil.net

.org



ISO 3166 country codes

.be.de

.jp.fr

.nl.il .ru .tw .tv.nu.au

.ukccTLD’s

Country codeTop Level Domains



m.root-servers.net.

202.12.27.33l.root-servers.net.198.32.64.12k.root-servers.net.

193.0.14.129j.root-servers.net.198.41.0.10i.root-servers.net.192.36.148.17h.root-servers.net.

128.63.2.53g.root-servers.net.

192.112.36.4f.root-servers.net.192.5.5.241e.root-servers.net.

192.203.230.10d.root-servers.net.

128.8.10.90c.root-servers.net.

192.33.4.12b.root-servers.net.

128.9.0.107a.root-servers.net.

198.41.0.4

Recursive query“ “root

.amazon

.com


http://www.amazon.com

ww

w.a

maz

on.c

om?

? Root hints

Own zone? No!…

Cached? No!…

Cached? No!…Ask my DNS server

www

Iterative query“ “root

.amazon

.com



ww

w.a

maz

on.c

om?

? www.amazon.com?

Don’t know … ask .com

server!www.amazon.com?

amazon.com NS = 93.151.75.200 !www.amazon.com?

Oh, it’s … 93.151.75.13!

www

Recursive response“ “root

.amazon

.com



ww

w.a

maz

on.c

om?

? www.amazon.com?

Don’t know … ask .com

server!www.amazon.com?

amazon.com NS = 93.151.75.200 !www.amazon.com?

Oh, it’s … 93.151.75.13!

Ah, i

t’s

…

93.1

51.7

5.13

!

www

Recursive response“ “root

.amazon

.com



?

www

Cached: www.amazon.com = 93.181.75.13TTL = 3600

Domain vs. Zone

Domain is a node in the Internet namespace

Root domain is largest domain Zone is a file that contains records

for a domain with or without child domains

Zones can only contain contiguous domains

Child domains can be delegated to separate DNS servers (=zone delegation)

Domain vs. Zone.a

rpa .in

t

.gov

.mil

.co

m

.net

.ed

u

.org

.ccTLD’s

.acm

e.a

maz

on.b

ol.h

p.m

icro

soft

.con

toso

.goo

gle

.mys

pace

.you

tube

.one

.tec

hnet

.msd

n.m

cp.u

pdat

e.s

uppo

rt

Root Domain

.com Domain.microsoft Domain

“.” (root)

Domain vs. Zone.a

rpa .in

t

.gov

.mil

.co

m

.net

.ed

u

.org

.ccTLD’s

.acm

e.a

maz

on.b

ol.h

p.m

icro

soft

.con

toso

.goo

gle

.mys

pace

.you

tube

.one

.tec

hnet

.msd

n.m

cp.u

pdat

e.s

uppo

rt

“.” (root)

Domain vs. Zone

.co

m.m

icro

soft

.one

.tec

hnet

.msd

n.m

cp.u

pdat

e.s

uppo

rt

“.” (root)

Single contiguous DNS zonefilecontains all records for domains:microsoft.comone.microsoft.comtechnet.microsoft.commsdn.microsoft.commcp.microsoft.comupdate.microsoft.comsupport.microsoft.com

Domain vs. Zone

.co

m.m

icro

soft

“.” (root)

DNS zonefilecontains only records for:microsoft.com

Delegated zonesEach DNS server contains a separate zone for each delegation:one.microsoft.comtechnet.microsoft.commsdn.microsoft.commcp.microsoft.comupdate.microsoft.comsupport.microsoft.com

.one

.tec

hnet

.msd

n.m

cp.u

pdat

e.s

uppo

rt

Partly delegated contiguous DNS zonefilecontains records for:microsoft.com one.microsoft.com technet.microsoft.com msdn.microsoft.com mcp.microsoft.com

Domain vs. Zone

.co

m.m

icro

soft

.one

.tec

hnet

.msd

n.m

cp.u

pdat

e.s

uppo

rt

“.” (root)

Delegated zonesEach DNS server contains a separate zone for each delegation:update.microsoft.comsupport.microsoft.com

Partly delegated contiguous DNS zonefilecontains records for:microsoft.com one.microsoft.com technet.microsoft.com msdn.microsoft.com mcp.microsoft.com

Domain vs. Zone

.co

m.m

icro

soft

.one

.tec

hnet

.msd

n.m

cp.u

pdat

e.s

uppo

rt

“.” (root)

Illegal delegationDomains .update and .support are non-contiguous(common parent needed)

Zone types

Primary zone Secondary zone Stub zone AD integrated zone (acts as primary

zone) RODC AD integrated zone (acts as

primary Read-Only zone)

Primary Zone

.co

m

“.” (root)

Primary Zone file contains R/W-version of data

acme.com.dnsacme.com IN SOAwww.acme.com 10.10.0.50srv1.acme.com 10.10.0.20mail.acme.com 10.10.0.30

Manual updates

Automatic updates

Refreshes

ns1.acme.com 10.10.0.40ns2.acme.com 10.10.0.60pc1.acme.com 10.10.0.100pc2.acme.com 10.10.0.101pc3.acme.com 10.10.0.102

.acm

e

Secondary Zone


acme.com.dnsacme.com IN SOAwww.acme.com 10.10.0.50srv1.acme.com 10.10.0.20mail.acme.com 10.10.0.30

Manual updates

Automatic updates

Refreshes

ns1.acme.com 10.10.0.40ns2.acme.com 10.10.0.60pc1.acme.com 10.10.0.100pc2.acme.com 10.10.0.101pc3.acme.com 10.10.0.102

Secondary Zone file contains R/O-version of data

.co

m

“.” (root)

.acm

e

Secondary Zone



.co

m

“.” (root)

.acm

e

Request full zone transfer (AXFR)

Authorized?…Yes!

And Full Zone Transfer (AXFR)

DNS Notify



.co

m

“.” (root)

.acm

e

And Incremental Zone Transfer (IXFR)

Update

DNS Notify

Database version increment

Get SOA recordVersion increment = 1IXFR (1 record)(send 1 record)

Database version increment

Aging and Scavenging

T0

Dis

cover O

ffer

Request

Ackn

ow

led

ge

Registe

r D

NS

Request

Ackn

ow

led

ge

Registe

r D

NS

Request

Ackn

ow

led

ge

Registe

r D

NS

Tl

1 st No-Refresh Interval Refresh Interval2nd No-Refresh Interval

DHCP

DNS

Lease

0,5 Lease Renewed Lease

0,5 Lease Renewed Lease

Zone fileversion: 1

2

3

Aging and Scavenging

T0

Dis

cover O

ffer

Request

Ackn

ow

led

ge

Registe

r D

NS

Tl

1 st No-Refresh Interval Refresh Interval

DHCP

Lease

0,5 Lease

Scavenging Interval

DNS

Reverse Lookups

Resolve IP-addresses to FQDN’s Reverse indexes the Internet Uses the in-addr.arpa or ip6.arpa

Domain Requires participation of domain

holders Used for inbound SMTP server

determination(and more)

Reverse Lookups

Compare:hostname structure IP-address structure

Srv3.east.acme.com.Internet rootdomaingTLD

2nd Leveldomain

3rd Leveldomain

Hostname

Left-to-rig

ht = Up th

e hierarchy

Reverse Lookups


Srv3.east.acme.com.

191.124.17.201/24191.124.17.201

Host-IDNet-IDLeft-to-right = Down the hierarchy

Reverse Lookups


Srv3.east.acme.com.

191.124.17.201

201.17.124.191.in-addr.arpa.“Host-ID” “Internet root”Left-to-right = Up the hierarchy

Reverse Lookups

Example IP-address 191.124.17.201 Find PTR 201.17.124.191.in-

addr.arpa. Iterates between DNS servers to find:

17.124.191.in-addr.arpa zone Finds 201 PTR record with name:

201 IN PTR srv3.acme.com Responsibility of acme.com domain

holder to maintain PTR records

Reverse Lookups.in

t

.gov

.mil

.in-a

ddr

.arp

a

.org

.ccTLD’s

1 2 3 … 191

192

… 254

255

1

“.” (root)

2 3 … 124

125

… 254

255

2 3 … 17 18 … 254

255

1

17.124.191.in-addr.arpa.acme.com IN SOA……199 PTR srv1.acme.com200 PTR srv2.acme.com201 PTR srv3.acme.com202 PTR srv4.acme.com……

What name belongs to IP:191.124.17.201 ?

srv3.acme.com !

191

.in-addr.arpa191.124.17.201.

Peer Name Resolution Protocol Mentioned on P2P conference

November 2001 July 2003: Advanced Networking Pack

for XP Later SP2 for XP PNRP 2.0 in Windows Vista, available for

XP PNRP 2.1 in:

* Windows Vista SP1* Windows Server 2008* Windows XP SP3* Windows 7 Easy Connect (Remote Assistance)

Peer Name Resolution Protocol

PNRP Clouds:A Cloud is a group of connected PNRP nodes(any node can resolve a name published by another node in the cloud)

Three cloud scopes:1. Global2. Site Local (deprecated)3. Link Local

When starting PNRP service it joins multiple clouds

Transient connectivity and shortcomings in DNS

Easily scales to billions of names

Peer name is a communications endpoint

Consists of Authority.Classifier (256 bits)

P2P and PNRP ID’s

e06bf33a5b21 …

SHA-1

. Friendly Name

= P2P ID

SHA-1

5ff01aac793c121f … (128 – bits hash)

Service Location (128 – bits) = PNRP ID

Authority Classifier

256 bits

Peer name is a communications endpoint

Consists of Authority.Classifier (256 bits)

P2P and PNRP ID’s

e06bf33a5b21 …

SHA-1

. Friendly Name

= P2P ID

SHA-1

5ff01aac793c121f … (128 – bits hash)

Service Location (128 – bits) = PNRP ID

Authority Classifier

256 bits

PNRP ID

Authority = 0 if unsecure, value if secure

P2P and PNRP ID’s

PNRP ID

Cache

End

Questions??

name resolution in windows server 2008 (r2). name resolution overview netbios name resolution host...

Documents

resolution slide

resolution overview

resolution host

resolution peer

dns servers slide

level domains iso

r2 slide

resolution overview